The Hacker News

  • New USBCulprit Espionage Tool Steals Data From Air-Gapped Computers
    by [email protected] (Ravie Lakshmanan) on 4 Haziran 2020 at 08:31

    A Chinese threat actor has developed new capabilities to target air-gapped systems in an attempt to exfiltrate sensitive data for espionage, according to a newly published research by Kaspersky yesterday. The APT, known as Cycldek, Goblin Panda, or Conimes, employs an extensive toolset for lateral movement and information stealing in victim networks, including previously unreported custom […]

  • Two Critical Flaws in Zoom Could've Let Attackers Hack Systems via Chat
    by [email protected] (Unknown) on 3 Haziran 2020 at 15:53

    If you're using Zoom—especially during this challenging time to cope with your schooling, business, or social engagement—make sure you are running the latest version of the widely popular video conferencing software on your Windows, macOS, or Linux computers. No, it's not about the arrival of the most-awaited "real" end-to-end encryption feature, which apparently, according to the latest news, […]

  • Newly Patched SAP ASE Flaws Could Let Attackers Hack Database Servers
    by [email protected] (Ravie Lakshmanan) on 3 Haziran 2020 at 13:10

    A new set of critical vulnerabilities uncovered in SAP's Sybase database software can grant unprivileged attackers complete control over a targeted database and even the underlying operating system in certain scenarios. The six flaws, disclosed by cybersecurity firm Trustwave today, reside in Sybase Adaptive Server Enterprise (ASE), a relational database management software geared towards […]

  • New Skill Testing Platform For 6 Most In-Demand Cybersecurity Jobs
    by [email protected] (The Hacker News) on 3 Haziran 2020 at 11:16

    Building a security team is a necessity for organizations of all industries and sizes. It makes selecting the right person for the job a critical task in which testing candidates' domain knowledge is a core component of the hiring process. A common practice is for each organization to put together a dedicated set of questions for each role. Today, Cynet launches the Cybersecurity Skill Tests […]

  • Critical VMware Cloud Director Flaw Lets Hackers Take Over Corporate Servers
    by [email protected] (Ravie Lakshmanan) on 2 Haziran 2020 at 05:37

    Cybersecurity researchers today disclosed details for a new vulnerability in VMware's Cloud Director platform that could potentially allow an attacker to gain access to sensitive information and control private clouds within an entire infrastructure. Tracked as CVE-2020-3956, the code injection flaw stems from an improper input handling that could be abused by an authenticated attacker to […]